Multiple Vulnerabilities in Fortigate NGFW on RUGGEDCOM APE1808 Devices

Act Now9.8SSA-975644Mar 10, 2026

Attack VectorNetwork

Auth RequiredNone

ComplexityLow

User InteractionNone needed

Summary

Multiple vulnerabilities (CWE-444 request smuggling, CWE-940 deserialization, CWE-134 format string, CWE-288 authentication bypass) in Fortinet FORTIOS firmware used on Siemens RUGGEDCOM APE1808 industrial network appliances. These flaws allow unauthenticated remote code execution. The device is actively being exploited in the wild. Siemens has released firmware updates to address the underlying Fortinet issues.

What this means

What could happen

An attacker can remotely execute code on the RUGGEDCOM APE1808 appliance without authentication, potentially disrupting network access and communications for connected industrial systems or allowing lateral movement into critical infrastructure networks.

Who's at risk

Manufacturing facilities and utilities using Siemens RUGGEDCOM APE1808 appliances for network management and industrial firewall protection. This includes any organization relying on these devices for securing PLC networks, SCADA communications, or remote access to industrial control systems.

How it could be exploited

An attacker on the network can send a specially crafted request to the Fortigate NGFW running on the APE1808 device. The request exploits request smuggling, unsafe deserialization, and/or authentication bypass flaws to achieve unauthenticated remote code execution with high privileges. No user interaction is required.

Prerequisites

Network reachability to the APE1808 device (typically port 443 for NGFW management or network traffic)
Device running vulnerable FORTIOS version (all versions prior to patched release)

remotely exploitableno authentication requiredlow complexityactively exploited (KEV)critical severity (CVSS 9.8)affects industrial appliances and network security infrastructure

Exploitability

Actively exploited — confirmed by CISA KEV

Affected products (1)

ProductAffected VersionsFix Status

RUGGEDCOM APE1808All versionsSee vendor updates: Fortigate NGFW v7.4.10 or v7.4.11 or later

Remediation & Mitigation

0/4

Do now

0/3

HOTFIXUpdate RUGGEDCOM APE1808 Fortigate NGFW firmware to version 7.4.10 or later

HOTFIXIf using FSSO TS Agent, update to version 5.0 build 0324 or later simultaneously with NGFW update

WORKAROUNDRestrict network access to the APE1808 management interface (port 443 and any administrative ports) using firewall rules—allow only authorized engineering and management networks until patches can be applied

Long-term hardening

0/1

HARDENINGSegment the APE1808 device on a dedicated management network separate from operational networks to limit lateral movement potential

CVEs (4)

CVE-2025-55018 CVE-2025-62439 CVE-2025-64157 CVE-2026-24858

View full Siemens ProductCERT advisory

↑↓ Navigate · Esc Close

API: /api/v1/advisories/9b7c7c3a-4f9c-4357-ad3c-7d1f2bf829d2